On Wed, Aug 20, 2025 at 04:11:42PM +0300, Avram-Teodor Berindeie via
Postfix-users wrote:
> Hello, I would like to know if in Postfix 3.10.x there is a
> possibility to disable a cipher for example
> *TLS_CHACHA20_POLY1305_SHA256* [...]
Postfix main.cf parameters to control cipher selection cover only
TLS 1.0-1.2 ciphers that specify the entire 4-tuple of key exchange,
signature algorithm, symmetric bulk-encryption and MAC.
You're asking about TLS 1.3 ciphers that omit the kex and sig algs.
There are no Postfix parameters that directly configure these, but
you can use "tls_config_file" and/or "tls_config_name", and specify
the TLS 1.3 ciphers there...
main.cf:

    tls_config_file = ${config_directory}/openssl.cnf
    tls_config_name = postfix

openssl.cnf:

    # In the "default" section prior to any [named_section]
    # The section names used below are arbitrary, name them
    # as you see fit, but the "keys", to the left of the "="
    # sign, must be as indicated and map to the section names
    # you decided.
    postfix = postfix_settings
    ...

    [postfix_settings]
    ssl_conf = postfix_ssl_settings

    [postfix_ssl_settings]
    system_default = postfix_ssl_defaults

    [postfix_ssl_defaults]
    # See SSL_CONF_cmd(3). Best to avoid any settings here that may
    # conflict with parameters that you can specify in main.cf. The
    # TLS 1.3 cipherlist has no main.cf equivalent, so OK here. The
    # "Groups" parameter is also ok, when configured as documented
    # under "tls_eecdh_auto_curves" in postconf(5).
    #
    Ciphersuites = ...
    # Groups = ...
The OpenSSL docs say:

    Ciphersuites
        Sets the available ciphersuites for TLSv1.3 to value. This is a
        colon-separated list of TLSv1.3 ciphersuite names in order of
        preference. This list will be combined with any configured TLSv1.2
        and below ciphersuites. See openssl-ciphers(1) for more information.
In particular, that means there's no "exclusion" syntax, you just
have to list the ciphers you want to enable, which is not ideal.
But few enough are defined; my build of OpenSSL 3.5 has:

    $ /opt/openssl/3.5/bin/openssl ciphers -V -s -tls1_3
    0x13,0x02 - TLS_AES_256_GCM_SHA384       TLSv1.3 Kx=any Au=any Enc=AESGCM(256)            Mac=AEAD
    0x13,0x03 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD
    0x13,0x01 - TLS_AES_128_GCM_SHA256       TLSv1.3 Kx=any Au=any Enc=AESGCM(128)            Mac=AEAD
There are only 9 possible non-empty proper sublists of that list to
choose from (6 2-tuples and 3 singletons).
--
Viktor. 🇺🇦 Слава Україні!
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
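Since the Ciphersuites directive has no exclusion syntax, the practical approach described above is to enumerate what the OpenSSL build offers and list everything except the unwanted suite. The following is an added example, not code from the post or from Postfix, that does exactly that: it parses the `openssl ciphers -V -s -tls1_3` output (a constructed sample copied from the post), drops the excluded names, refuses an allow-list that would leave TLS 1.3 with no suites at all, and renders the openssl.cnf section chain from the reply with the computed Ciphersuites line.

```python
import re
from typing import Iterable

# Constructed sample: the `openssl ciphers -V -s -tls1_3` output of the
# OpenSSL 3.5 build quoted in the post, one suite per line.
SAMPLE_CIPHERS_V = """\
0x13,0x02 - TLS_AES_256_GCM_SHA384       TLSv1.3 Kx=any Au=any Enc=AESGCM(256)            Mac=AEAD
0x13,0x03 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD
0x13,0x01 - TLS_AES_128_GCM_SHA256       TLSv1.3 Kx=any Au=any Enc=AESGCM(128)            Mac=AEAD
"""

# Each -V line starts with the two-byte suite id, a dash, then the IANA name.
_SUITE_LINE = re.compile(r"^\s*0x[0-9A-Fa-f]{2},0x[0-9A-Fa-f]{2}\s+-\s+(TLS_\w+)\b")


def parse_tls13_suites(ciphers_v_output: str) -> list[str]:
    """Return the TLS 1.3 suite names in the build's preference order."""
    return [m.group(1) for line in ciphers_v_output.splitlines()
            if (m := _SUITE_LINE.match(line))]


def allowed_suites(available: list[str], exclude: Iterable[str]) -> list[str]:
    """Allow-list = everything the build offers minus the excluded names.

    Rejects names the build does not know (a typo would silently exclude
    nothing) and an empty result (which would disable TLS 1.3 outright).
    """
    excluded = set(exclude)
    unknown = excluded - set(available)
    if unknown:
        raise ValueError(f"not a TLS 1.3 suite in this build: {sorted(unknown)}")
    kept = [s for s in available if s not in excluded]
    if not kept:
        raise ValueError("excluding every suite would leave TLS 1.3 with no ciphersuites")
    return kept


def render_openssl_cnf(suites: list[str]) -> str:
    """Render the section chain from the post; the first line must sit in
    the default section, before any [named_section]."""
    return ("postfix = postfix_settings\n\n"
            "[postfix_settings]\nssl_conf = postfix_ssl_settings\n\n"
            "[postfix_ssl_settings]\nsystem_default = postfix_ssl_defaults\n\n"
            "[postfix_ssl_defaults]\n"
            f"Ciphersuites = {':'.join(suites)}\n")


if __name__ == "__main__":
    keep = allowed_suites(parse_tls13_suites(SAMPLE_CIPHERS_V),
                          ["TLS_CHACHA20_POLY1305_SHA256"])
    print(render_openssl_cnf(keep))
```

On a live system, feed the function the real output of the same openssl binary Postfix links against, since the suite list differs between builds.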